Gmail archiving program is actually spyware

Mon Mar 17, 2008 11:38AM EDT

See Comments (11)

If you've used the G-Archiver program to back up your Gmail (aka Google Mail) email, you've got a headache on your hands. The program has been revealed to be a malicious spyware app that emails your Gmail username and password to a secret Gmail account.

This revelation is especially troubling because most Gmail users use a single Google account to access a wide range of services. Those with AdSense accounts or Google Checkout accounts could face severe financial losses if their Gmail password were to fall into the wrong hands.

G-Archiver is wholly unaffiliated with Google or Gmail and is the product of an independent developer. The revelation that G-Archiver was spyware emerged last week courtesy of programmer Dustin Brooks, who analyzed the source code to find a crude spyware system inside, complete with the name and password of the account to which G-Archiver sends all its victims' account information. He accessed that account and found thousands of records of usernames and passwords inside, including, of course, his own. (Brooks also deleted all those records and changed the password on the account by way of vigilante justice. Good man!)

Meanwhile, in what has to be the least credible excuse/explanation ever, G-Archiver has posted a notice on its website that the program was not spyware but rather that "a member of our development team had inserted coding used for testing G-Archiver in the debug version and forgot to delete it in the final release version." Uh, right...

G-Archiver's solution, however, is correct: If you have ever installed the program you should uninstall it and change your Google account password immediately. G-Archiver is so new that it probably will not show up in scans from most anti-spyware products yet.

As well, I probably needn't bother telling you that I don't recommend installing the upcoming new version of G-Archiver when it is released, even if the "flaw" is "corrected." Same goes for other sketchy third-party applications that promise to download messages from any webmail service... provided you give them your name and password. Not all are spyware, to be sure, but you should still tread lightly in this area.

Comments on Gmail archiving program is actually spyware

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 1 Posted by mzw986 on Mon Mar 17, 2008 12:21PM EDT Report Abuse

    The best way to archive a Gmail account is through POP access and a *reputable* POP email program. Simply set your Gmail to Enable POP for all mail (even mail that's already been downloaded), under Settings. Then download your mail into the POP email program you have and voila, instant back up!

  • 2 Posted by aviasphere on Mon Mar 17, 2008 1:01PM EDT Report Abuse

    Google is so cotton pickin' evil it has ceased to be funny!!!!

  • 3 Posted by m_knopp on Mon Mar 17, 2008 1:11PM EDT Report Abuse

    aviasphere, what does this article have to do with Google? Some company wholly unrelated to Google scammed a bunch of people into giving out their usernames and passwords (should have been an automatic red flag) for Google mail. So while you might not like Google, this article does nothing to support your hatred, and your comments in a column such as this only serves to undermine your credibility on the subject. Just food for thought.

  • 4 Posted by agustin2489 on Mon Mar 17, 2008 2:17PM EDT Report Abuse

    I find it a tad bit odd that there are archiver programs for Gmail. The size of the inbox is essentially enough that you can archive everything you want there.

  • 5 Posted by rogueist on Mon Mar 17, 2008 6:13PM EDT Report Abuse

    Not new at all. This news is at least 3 years old to us in the security business. It just looks like finally someone paid attention to it.

More Posts: First Prev 1 2 Next Last

Post a Comment

Sign In to Post a Comment

 

Sign In to see your profile information, saved products and more...

Register Sign In

My Favorite Gadgets

 



Quick Compare See All Favorite Gadgets
 

Recent Activity

 

Recently Viewed

on | off on | off
 

Recent Searches

on | off on | off
 
 
 

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.